Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:4736-1

Опубликовано: 12 дек. 2023
Источник: suse-cvrf

Описание

Security update for tiff

This update for tiff fixes the following issues:

  • CVE-2023-2731: Fix null pointer deference in LZWDecode() (bsc#1211478).
  • CVE-2023-1916: Fix out-of-bounds read in extractImageSection() (bsc#1210231).
  • CVE-2023-26965: Fix heap-based use after free in loadImage() (bsc#1212398).
  • CVE-2022-40090: Fix infinite loop in TIFFReadDirectory() (bsc#1214680).

Список пакетов

Image SLES12-SP5-Azure-SAP-BYOS
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-GCE-SAP-BYOS
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-GCE-SAP-On-Demand
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libtiff5-4.0.9-44.74.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libtiff5-4.0.9-44.74.1
SUSE Linux Enterprise Server 12 SP5
libtiff5-4.0.9-44.74.1
libtiff5-32bit-4.0.9-44.74.1
tiff-4.0.9-44.74.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libtiff5-4.0.9-44.74.1
libtiff5-32bit-4.0.9-44.74.1
tiff-4.0.9-44.74.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libtiff-devel-4.0.9-44.74.1

Ссылки

Описание

LibTIFF master branch has an out-of-bounds read in LZWDecode in libtiff/tif_lzw.c:619, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit b4e79bfa.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Ссылки

Описание

An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Ссылки

Описание

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Ссылки

Описание

loadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Ссылки

Описание

A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.

Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-Azure-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-BYOS:libtiff5-4.0.9-44.74.1
Image SLES12-SP5-EC2-SAP-On-Demand:libtiff5-4.0.9-44.74.1
Ссылки
Уязвимость SUSE-SU-2023:4736-1